Keeping how the net works open to all

Plans to combat spam are in trouble because Microsoft wants too much power, argues technology analyst Bill Thompson.

Experts are looking at several ways to stop spam getting through

The internet relies on a large number of technical standards which define in precise and tedious detail how every component of this vast and complicated network of networks interrelates with every other component.

Many of these standards make up the Internet Protocol Suite, which most of us just call TCP/IP. Some are specific to the web or other network applications.

Others, like the core routing protocols that tell the data sent from your computer how to get to another computer based on its IP address, are used everywhere.

Making a new internet standard is the job of the Internet Engineering Task Force, or IETF, a body that few of today's net users have heard of but on which we all depend.

Most the time we do not hear about its work because it goes on so smoothly that new standards are developed and old ones updated almost invisibly.

Even when things go wrong, it does not normally make the papers, because everyone involved works hard to find an acceptable solution, putting the larger needs of the internet as a whole above the interests of one company or person.

But the fuss that is brewing over Sender ID, a way of authenticating e-mail senders to make it much harder for spammers to send messages, is starting to spill out of the technical community and into the wider debates about the net's future.

Who are you?

The idea of authenticating e-mail senders has been under discussion for several years, but it has only recently got close to becoming a standard.

The current version combines two approaches to the problem, one called Sender Policy Framework and the other called Caller ID for E-mail.

Sadly the public domain, the free space within which we can all operate without having to worry about the property rights of others or having to ask permission, is being constantly whittled away by privatisation of public spaces and extensions of intellectual property law

The fuss is about Caller ID, which was contributed to the standard by Microsoft.

The company has said that anyone who wants to use Sender ID must take out a licence to use it, because it incorporates Microsoft's intellectual property.

Licences are not unheard of in this area, but the one which Microsoft wants to use imposes various conditions on users of the new standard that many find unacceptable.

It has provoked the Apache Foundation, the group behind the Apache web server, into withdrawing its support for Sender ID as a standard.

And it seems to be incompatible with the GNU General Public License (GPL) under which much of today's internet software is distributed. That means that GNU/Linux distributions will not include Sender-ID functions in the e-mail systems.

This is a worrying situation, not least because it shows how fragile the open standards process can be. Microsoft has worked with other companies to define a useful way of limiting spam, but has decided that its own interests are greater than those of the wider community.

What may well happen is that the standard will be ratified even with Microsoft's licensing conditions, but it will only be fully implemented in proprietary mail systems.

The free software and open source communities will then be outside the charmed circle when it comes to blocking spam, making life difficult for companies that use their software.

This, of course, may be exactly what Microsoft is hoping for, as it would damage the credibility of free or open source software and give it a marketing advantage.

Small space

In an excellent dissection of the history of Sender ID, published on the CircleID website, IETF member Yakov Shafranovich points out that most of Microsoft's contribution was built on top of work done by others.

That is not surprising, as it is the way the internet standards system has always worked.

JibJab makes fun of the presidential candidates

What is surprising, and unacceptable to those of us who believe in open standards, is that any company should then seek to assert ownership of the finished product.

Whether or not Sender ID works is not the issue. It might, as some argue, simply result in an escalation in the ongoing spam wars, with clever programmers finding ways to spoof the authentication system within days of its implementation.

Or it might finally allow users to build reliable filters, accepting only e-mail from proven sources.

What really matters is how the standards and technologies which make up the core of the internet, things like core web protocols, are developed and managed and how we maintain the electronic commons within which open standards should exist.

Sadly the public domain, the free space within which we can all operate without having to worry about the property rights of others or having to ask permission, is being constantly whittled away by privatisation of public spaces and extensions of intellectual property law.

Fair parody

We can see this in another example of corporate inflexibility, this time over a web cartoon.

Animation studio JibJab recently posted a hilarious parody of the Woody Guthrie song This Land Is Your Land, in an animation that pokes fun at both George Bush and John Kerry.

It was so good that my son Max learned all the words and sings it constantly.

Soon after it put the song on their site, it was contacted by lawyers from Ludlow Music, the people who publish Guthrie's songs, telling them it was in breach of copyright and should take the offending page down.

Fortunately, JibJab did not just cave in, as so many others have done when they get a nasty letter. It contacted the Electronic Frontier Foundation, who campaign for online rights, and has successfully argued that its parody is a fair use of the original.

In fact it seems that This Land is not even in copyright, since the copyright expired in 1973 and was not properly renewed, although it should be pointed out that Ludlow Music dispute this.

What is not in dispute, however, is the way that the publisher tried to use copyright law to stop the creative reuse of material in a way which most of us would see as entirely legitimate. Parody is not piracy, whatever copyright holders would like to claim.

And open standards should be just that - open for anyone to use. If a company wants to take part in the standards-setting process and have its say on the way the internet develops, that is fine.

But if it does so, it cannot then claim ownership of the ideas or technologies that make it into the standard. It is not how the net works.

---

Bill Thompson is a regular commentator on the BBC World Service programme Go Digital.